Linux Netfilter / IP Tables Devel

Date Index

[Prev Page][Next Page]

Re: [PATCH 2/3] evaluate: allow to use string with binary operations, (continued)
- Re: [PATCH 0/3 nft] [RFC] more syntax changes, Arturo Borrero Gonzalez
randconfig build error with next-20140113, in net/netfilter/nft_reject.c, Jim Davis
- Re: randconfig build error with next-20140113, in net/netfilter/nft_reject.c, Paul Gortmaker
[PATCH nft] expression: fix output of verdict maps, Pablo Neira Ayuso
- Re: [PATCH nft] expression: fix output of verdict maps, Patrick McHardy
  - Re: [PATCH nft] expression: fix output of verdict maps, Patrick McHardy
    - Re: [PATCH nft] expression: fix output of verdict maps, Pablo Neira Ayuso
      - Re: [PATCH nft] expression: fix output of verdict maps, Patrick McHardy
- Re: [PATCH nft] expression: fix output of verdict maps, Pablo Neira Ayuso
  - Re: [PATCH nft] expression: fix output of verdict maps, Patrick McHardy
    - Re: [PATCH nft] expression: fix output of verdict maps, Pablo Neira Ayuso
[libnftables PATCH] set: xml: data_type/data_len are optional, Arturo Borrero Gonzalez
[PATCH nftables] netfilter: nf_tables: fix unmet dependencies in nf_tables_inet, Pablo Neira Ayuso
nftables: improve build system, Jan Engelhardt
- [PATCH 1/3] build: remove unused checks, Jan Engelhardt
- [PATCH 3/3] build: use automake and pkgconfig, Jan Engelhardt
- [PATCH 2/3] build: rename conflicting parser.h instances, Jan Engelhardt
- Re: nftables: improve build system, Patrick McHardy
  - Re: nftables: improve build system, Jan Engelhardt
    - Re: nftables: improve build system, Patrick McHardy
      - Re: nftables: improve build system, Jan Engelhardt
[PATCH] nftables: Drop hard coded install using root user owner and group., Kevin Fenzi
- Re: [PATCH] nftables: Drop hard coded install using root user owner and group., Patrick McHardy
nftables/libnftables packages for Fedora, Kevin Fenzi
- Re: nftables/libnftables packages for Fedora, Arturo Borrero Gonzalez
  - Re: nftables/libnftables packages for Fedora, Kevin Fenzi
    - Re: nftables/libnftables packages for Fedora, Pablo Neira Ayuso
      - Re: nftables/libnftables packages for Fedora, Arturo Borrero Gonzalez
  - Re: nftables/libnftables packages for Fedora, Kevin Fenzi
    - Re: nftables/libnftables packages for Fedora, Patrick McHardy
  - Re: nftables/libnftables packages for Fedora, Patrick McHardy
- Re: nftables/libnftables packages for Fedora, Patrick McHardy
- Re: nftables/libnftables packages for Fedora, Patrick McHardy
- Re: nftables/libnftables packages for Fedora, Jan Engelhardt
  - Re: nftables/libnftables packages for Fedora, Patrick McHardy
    - Re: nftables/libnftables packages for Fedora, Kevin Fenzi
      - Re: nftables/libnftables packages for Fedora, Patrick McHardy
        
        Re: nftables/libnftables packages for Fedora, Kevin Fenzi
        
        Re: nftables/libnftables packages for Fedora, Pablo Neira Ayuso
[RFC nft PATCH] syntax: replace '=>' with '=:', Arturo Borrero Gonzalez
- Re: [RFC nft PATCH] syntax: replace '=>' with '=:', Patrick McHardy
  - Re: [RFC nft PATCH] syntax: replace '=>' with '=:', Arturo Borrero Gonzalez
    - Re: [RFC nft PATCH] syntax: replace '=>' with '=:', Patrick McHardy
      - Re: [RFC nft PATCH] syntax: replace '=>' with '=:', Arturo Borrero Gonzalez
        
        Re: [RFC nft PATCH] syntax: replace '=>' with '=:', Patrick McHardy
        
        Re: [RFC nft PATCH] syntax: replace '=>' with '=:', Pablo Neira Ayuso
Fwd: Bug 883 - Uninitialized values in libnetfilter_log.c, Ivan Homoliak
- Re: Fwd: Bug 883 - Uninitialized values in libnetfilter_log.c, Phil Oester
[PATCH libnftables v4] Add support for ct set, Kristian Evensen
- Re: [PATCH libnftables v4] Add support for ct set, Pablo Neira Ayuso
[PATCH libnftables] meta: Let user specify any combination of sreg/dreg, Kristian Evensen
- Re: [PATCH libnftables] meta: Let user specify any combination of sreg/dreg, Pablo Neira Ayuso
[PATCH netfilter: nf_ct] Fix compilation warning if NF_CONNTRACK_MARK is not set, Kristian Evensen
- Re: [PATCH netfilter: nf_ct] Fix compilation warning if NF_CONNTRACK_MARK is not set, Pablo Neira Ayuso
[PATCH] netfilter updates for net-next, Pablo Neira Ayuso
- [PATCH] netfilter: introduce l2tp match extension, Pablo Neira Ayuso
- Re: [PATCH] netfilter updates for net-next, David Miller
[PATCH] netfilter: nf_tables: fix missing byteorder conversion in policy, Pablo Neira Ayuso
[PATCH iptables-nftables] nft: fix inconsistent data type in NFT_EXPR_CMP_OP and NFT_EXPR_META_KEY, Pablo Neira Ayuso
[PATCH nft] netlink: fix wrong type in attributes, Pablo Neira Ayuso
[PATCH libnftables] expr: fix incorrect data type for several expression object fields, Pablo Neira Ayuso
[libnftables PATCH next-3.14] expr: fix registers datatypes, Arturo Borrero Gonzalez
- Re: [libnftables PATCH next-3.14] expr: fix registers datatypes, Pablo Neira Ayuso
[PATCH 0/4] nftables: bug fixes and minor cleanups, Patrick McHardy
- [PATCH 1/4] nftables: shorten "could not process rule in batch" message, Patrick McHardy
- [PATCH 2/4] erec: fix error markup for errors starting at column 0, Patrick McHardy
- [PATCH 4/4] meta: fix crash when parsing unresolvable mark values, Patrick McHardy
- [PATCH 3/4] datatype: revert "fix crash if wrong integer type is passed", Patrick McHardy
datatype: fix crash if wrong integer type is passed, Patrick McHardy
- Re: datatype: fix crash if wrong integer type is passed, Pablo Neira Ayuso
  - Re: datatype: fix crash if wrong integer type is passed, Patrick McHardy
    - Re: datatype: fix crash if wrong integer type is passed, Pablo Neira Ayuso
      - Re: datatype: fix crash if wrong integer type is passed, Patrick McHardy
[PATCH 00/23] nf_tables updates for net-next, Pablo Neira Ayuso
- [PATCH 05/23] netfilter: nf_tables: add "inet" table for IPv4/IPv6, Pablo Neira Ayuso
- [PATCH 18/23] netfilter: nf_tables: minor nf_chain_type cleanups, Pablo Neira Ayuso
- [PATCH 22/23] netfilter: nf_tables: rename nft_do_chain_pktinfo() to nft_do_chain(), Pablo Neira Ayuso
- [PATCH 23/23] netfilter: nf_tables: fix error path in the init functions, Pablo Neira Ayuso
- [PATCH 19/23] netfilter: nf_tables: perform flags validation before table allocation, Pablo Neira Ayuso
- [PATCH 14/23] netfilter: nf_tables: fix chain type module reference handling, Pablo Neira Ayuso
- [PATCH 16/23] netfilter: nf_tables: replay request after dropping locks to load chain type, Pablo Neira Ayuso
- [PATCH 15/23] netfilter: nf_tables: add missing module references to chain types, Pablo Neira Ayuso
- [PATCH 20/23] netfilter: nf_tables: take AF module reference when creating a table, Pablo Neira Ayuso
- [PATCH 21/23] netfilter: nf_tables: prohibit deletion of a table with existing sets, Pablo Neira Ayuso
- [PATCH 17/23] netfilter: nf_tables: constify chain type definitions and pointers, Pablo Neira Ayuso
- [PATCH 04/23] netfilter: nf_tables: add support for multi family tables, Pablo Neira Ayuso
- [PATCH 06/23] netfilter: nf_tables: add nfproto support to meta expression, Pablo Neira Ayuso
- [PATCH 12/23] netfilter: nf_tables: restore chain change atomicity, Pablo Neira Ayuso
- [PATCH 13/23] netfilter: nf_tables: fix check for table overflow, Pablo Neira Ayuso
- [PATCH 10/23] netfilter: nft_meta: fix lack of validation of the input register, Pablo Neira Ayuso
- [PATCH 09/23] netfilter: nft_ct: Add support to set the connmark, Pablo Neira Ayuso
- [PATCH 11/23] netfilter: nf_tables: split chain policy validation from actually setting it, Pablo Neira Ayuso
- [PATCH 07/23] netfilter: nft_meta: add l4proto support, Pablo Neira Ayuso
- [PATCH 08/23] netfilter: nft_ct: load both IPv4 and IPv6 conntrack modules for NFPROTO_INET, Pablo Neira Ayuso
  - Re: [PATCH 08/23] netfilter: nft_ct: load both IPv4 and IPv6 conntrack modules for NFPROTO_INET, Sergei Shtylyov
    - Re: [PATCH 08/23] netfilter: nft_ct: load both IPv4 and IPv6 conntrack modules for NFPROTO_INET, Patrick McHardy
      - Re: [PATCH 08/23] netfilter: nft_ct: load both IPv4 and IPv6 conntrack modules for NFPROTO_INET, David Miller
        
        Re: [PATCH 08/23] netfilter: nft_ct: load both IPv4 and IPv6 conntrack modules for NFPROTO_INET, Patrick McHardy
- [PATCH 01/23] netfilter: nft_reject: fix compilation warning if NF_TABLES_IPV6 is disabled, Pablo Neira Ayuso
  - Re: [PATCH 01/23] netfilter: nft_reject: fix compilation warning if NF_TABLES_IPV6 is disabled, Sergei Shtylyov
    - Re: [PATCH 01/23] netfilter: nft_reject: fix compilation warning if NF_TABLES_IPV6 is disabled, David Miller
- [PATCH 03/23] netfilter: nf_tables: add hook ops to struct nft_pktinfo, Pablo Neira Ayuso
- [PATCH 02/23] netfilter: nf_tables: make chain types override the default AF functions, Pablo Neira Ayuso
- Re: [PATCH 00/23] nf_tables updates for net-next, David Miller
[PATCH libnftables next-3.14 v2] src: fix compilation due to missing NFPROTO_INET definition, Pablo Neira Ayuso
[PATCH libnftables next-3.14] src: fix compilation due to missing NFPROTO_INET definition, Pablo Neira Ayuso
[PATCH nf_tables v2] netfilter: nf_tables: fix error path in the init functions, Pablo Neira Ayuso
[PATCH nf_tables] netfilter: nf_tables: fix error path in the init functions, Pablo Neira Ayuso
[PATCH nf_tables] netfilter: nft_meta: fix lack of validation of the input register, Pablo Neira Ayuso
[PATCH 00/13] netfilter: nf_tables: bug fixes and minor cleanups, Patrick McHardy
- [PATCH 01/13] netfilter: nf_tables: split chain policy validation from actually setting it, Patrick McHardy
- [PATCH 02/13] netfilter: nf_tables: restore chain change atomicity, Patrick McHardy
- [PATCH 03/13] netfilter: nf_tables: fix check for table overflow, Patrick McHardy
- [PATCH 04/13] netfilter: nf_tables: fix chain type module reference handling, Patrick McHardy
- [PATCH 05/13] netfilter: nf_tables: add missing module references to chain types, Patrick McHardy
- [PATCH 06/13] netfilter: nf_tables: replay request after dropping locks to load chain type, Patrick McHardy
- [PATCH 07/13] netfilter: nf_tables: constify chain type definitions and pointers, Patrick McHardy
- [PATCH 08/13] netfilter: nf_tables: minor nf_chain_type cleanups, Patrick McHardy
- [PATCH 09/13] netfilter: nf_tables: perform flags validation before table allocation, Patrick McHardy
- [PATCH 10/13] netfilter: nf_tables: take AF module reference when creating a table, Patrick McHardy
- [PATCH 11/13] netfilter: nf_tables: prohibit deletion of a table with existing sets, Patrick McHardy
- [PATCH 12/13] netfilter: nf_tables: unininline nft_trace_packet(), Patrick McHardy
- [PATCH 13/13] netfilter: nf_tables: rename nft_do_chain_pktinfo() to nft_do_chain(), Patrick McHardy
- Re: [PATCH 00/13] netfilter: nf_tables: bug fixes and minor cleanups, Pablo Neira Ayuso
[libnftables PATCH 1/3] parsing: rework and generalize the build/parse system, Arturo Borrero Gonzalez
- [libnftables PATCH 2/3] parsing: add interface to parse from file, Arturo Borrero Gonzalez
  - Re: [libnftables PATCH 2/3] parsing: add interface to parse from file, Pablo Neira Ayuso
- [libnftables PATCH 3/3] tests: update tests with nft_*_parse_file(), Arturo Borrero Gonzalez
  - Re: [libnftables PATCH 3/3] tests: update tests with nft_*_parse_file(), Pablo Neira Ayuso
- Re: [libnftables PATCH 1/3] parsing: rework and generalize the build/parse system, Pablo Neira Ayuso
[PATCH RFC] nftables: fix surpression of "permission denied" errors, Patrick McHardy
- Re: [PATCH RFC] nftables: fix surpression of "permission denied" errors, Pablo Neira Ayuso
  - Re: [PATCH RFC] nftables: fix surpression of "permission denied" errors, Patrick McHardy
    - Re: [PATCH RFC] nftables: fix surpression of "permission denied" errors, Pablo Neira Ayuso
      - Re: [PATCH RFC] nftables: fix surpression of "permission denied" errors, Patrick McHardy
[PATCH 00/12] nftables: generic protocol contexts, "inet" family, Patrick McHardy
- [PATCH 01/12] expr: replace PAYLOAD_PROTOCOL_EXPR by generic flag, Patrick McHardy
- [PATCH 02/12] nftables: generic procotol contexts, Patrick McHardy
- [PATCH 03/12] expr: add protocol context update callback, Patrick McHardy
- [PATCH 05/12] proto: add debugging for protocol context updates, Patrick McHardy
- [PATCH 04/12] proto: add helper function to update protocol context, Patrick McHardy
- [PATCH 06/12] ct expr: protocol context updates and dynamic typing, Patrick McHardy
- [PATCH 08/12] nftables: add support for the "inet" family, Patrick McHardy
- [PATCH 07/12] include: resync nftables.h with kernel, Patrick McHardy
- [PATCH 11/12] meta: add nfproto support, Patrick McHardy
- [PATCH 12/12] meta: add l4proto support, Patrick McHardy
- [PATCH 10/12] proto: add support for meta templates, Patrick McHardy
- [PATCH 09/12] netlink_delinearize: remove implied meta expressions, Patrick McHardy
  - Re: [PATCH 09/12] netlink_delinearize: remove implied meta expressions, Arturo Borrero Gonzalez
    - Re: [PATCH 09/12] netlink_delinearize: remove implied meta expressions, Patrick McHardy
[PATCH libnftables v2] Add support for ct set, Kristian Evensen
- Re: [PATCH libnftables v2] Add support for ct set, Pablo Neira Ayuso
  - Re: [PATCH libnftables v2] Add support for ct set, Kristian Evensen
    - Re: [PATCH libnftables v2] Add support for ct set, Pablo Neira Ayuso
      - Re: [PATCH libnftables v2] Add support for ct set, Arturo Borrero Gonzalez
        
        Re: [PATCH libnftables v2] Add support for ct set, Pablo Neira Ayuso
        
        Re: [PATCH libnftables v2] Add support for ct set, Kristian Evensen
        
        Re: [PATCH libnftables v2] Add support for ct set, Arturo Borrero Gonzalez
[PATCH libnftables] Improved error handling and minor clean-up, Kristian Evensen
- Re: [PATCH libnftables] Improved error handling and minor clean-up, Kristian Evensen
Patches to xtables-addons xt_quota2, Sam Liddicott
- Re: Patches to xtables-addons xt_quota2, Sam Liddicott
- Re: Patches to xtables-addons xt_quota2, Jan Engelhardt
  - Re: Patches to xtables-addons xt_quota2, Sam Liddicott
    - Re: Patches to xtables-addons xt_quota2, Jan Engelhardt
      - Re: Patches to xtables-addons xt_quota2, Sam Liddicott
[PATCH netfilter: nft v2] netfilter: nf_tables Add set op to nft_ct module, Kristian Evensen
- Re: [PATCH netfilter: nft v2] netfilter: nf_tables Add set op to nft_ct module, Pablo Neira Ayuso
  - Re: [PATCH netfilter: nft v2] netfilter: nf_tables Add set op to nft_ct module, Kristian Evensen
[PATCH nftables] Add support for setting ct keys, Kristian Evensen
- Re: [PATCH nftables] Add support for setting ct keys, Kristian Evensen
  - Re: [PATCH nftables] Add support for setting ct keys, Pablo Neira Ayuso
[PATCH libnftables] Add support for ct set, Kristian Evensen
- Re: [PATCH libnftables] Add support for ct set, Arturo Borrero Gonzalez
  - Re: [PATCH libnftables] Add support for ct set, Kristian Evensen
- <Possible follow-ups>
- [PATCH libnftables] Add support for ct set, Kristian Evensen
  - Re: [PATCH libnftables] Add support for ct set, Patrick McHardy
    - Re: [PATCH libnftables] Add support for ct set, Kristian Evensen
      - Re: [PATCH libnftables] Add support for ct set, Patrick McHardy
        
        Re: [PATCH libnftables] Add support for ct set, Kristian Evensen
        
        Re: [PATCH libnftables] Add support for ct set, Patrick McHardy
        
        Re: [PATCH libnftables] Add support for ct set, Patrick McHardy
        
        Re: [PATCH libnftables] Add support for ct set, Kristian Evensen
        
        Re: [PATCH libnftables] Add support for ct set, Pablo Neira Ayuso
        
        Re: [PATCH libnftables] Add support for ct set, Patrick McHardy
        
        Re: [PATCH libnftables] Add support for ct set, Pablo Neira Ayuso
        
        Re: [PATCH libnftables] Add support for ct set, Patrick McHardy
        
        Re: [PATCH libnftables] Add support for ct set, Pablo Neira Ayuso
        
        Re: [PATCH libnftables] Add support for ct set, Patrick McHardy
[PATCH netfilter: nft] netfilter: nf_tables Add set op to nft_ct module, Kristian Evensen
- Re: [PATCH netfilter: nft] netfilter: nf_tables Add set op to nft_ct module, Florian Westphal
  - Re: [PATCH netfilter: nft] netfilter: nf_tables Add set op to nft_ct module, Kristian Evensen
[libnftables PATCH 0/6] parsing update, Arturo Borrero Gonzalez
- [libnftables PATCH 2/6] set_elem: add json parsing to API, Arturo Borrero Gonzalez
  - Re: [libnftables PATCH 2/6] set_elem: add json parsing to API, Pablo Neira Ayuso
- [libnftables PATCH 3/6] internal: rework parsing symbol logic, Arturo Borrero Gonzalez
  - Re: [libnftables PATCH 3/6] internal: rework parsing symbol logic, Pablo Neira Ayuso
    - Re: [libnftables PATCH 3/6] internal: rework parsing symbol logic, Arturo Borrero Gonzalez
      - Re: [libnftables PATCH 3/6] internal: rework parsing symbol logic, Pablo Neira Ayuso
- [libnftables PATCH 4/6] internal: add a selector for parsing ops, Arturo Borrero Gonzalez
  - Re: [libnftables PATCH 4/6] internal: add a selector for parsing ops, Pablo Neira Ayuso
    - Re: [libnftables PATCH 4/6] internal: add a selector for parsing ops, Arturo Borrero Gonzalez
      - Re: [libnftables PATCH 4/6] internal: add a selector for parsing ops, Pablo Neira Ayuso
- [libnftables PATCH 5/6] parsing: add interface to parse from file, Arturo Borrero Gonzalez
- [libnftables PATCH 6/6] tests: update tests with nft_*_parse_file(), Arturo Borrero Gonzalez
  - Re: [libnftables PATCH 6/6] tests: update tests with nft_*_parse_file(), Pablo Neira Ayuso
    - Re: [libnftables PATCH 6/6] tests: update tests with nft_*_parse_file(), Arturo Borrero Gonzalez
- [libnftables PATCH 1/6] mxml: add error reference of the top node, Arturo Borrero Gonzalez
  - Re: [libnftables PATCH 1/6] mxml: add error reference of the top node, Pablo Neira Ayuso
[PATCH] netfilter: nf_conntrack: fix RCU race in nf_conntrack_find_get, Andrey Vagin
- Re: [PATCH] netfilter: nf_conntrack: fix RCU race in nf_conntrack_find_get, Vasily Averin
- Re: [PATCH] netfilter: nf_conntrack: fix RCU race in nf_conntrack_find_get, Eric Dumazet
  - Re: [PATCH] netfilter: nf_conntrack: fix RCU race in nf_conntrack_find_get, Florian Westphal
    - Re: [PATCH] netfilter: nf_conntrack: fix RCU race in nf_conntrack_find_get, Eric Dumazet
      - Re: [PATCH] netfilter: nf_conntrack: fix RCU race in nf_conntrack_find_get, Florian Westphal
        
        Re: [PATCH] netfilter: nf_conntrack: fix RCU race in nf_conntrack_find_get, Eric Dumazet
        
        Re: [PATCH] netfilter: nf_conntrack: fix RCU race in nf_conntrack_find_get, Florian Westphal
        
        Re: [PATCH] netfilter: nf_conntrack: fix RCU race in nf_conntrack_find_get, Florian Westphal
    - Re: [PATCH] netfilter: nf_conntrack: fix RCU race in nf_conntrack_find_get, Andrew Vagin
      - Re: [PATCH] netfilter: nf_conntrack: fix RCU race in nf_conntrack_find_get, Florian Westphal
        
        Re: [PATCH] netfilter: nf_conntrack: fix RCU race in nf_conntrack_find_get, Andrew Vagin
        
        Re: [PATCH] netfilter: nf_conntrack: fix RCU race in nf_conntrack_find_get, Florian Westphal
  - Re: [PATCH] netfilter: nf_conntrack: fix RCU race in nf_conntrack_find_get, Andrew Vagin
    - Re: [PATCH] netfilter: nf_conntrack: fix RCU race in nf_conntrack_find_get, Eric Dumazet
      - Re: [PATCH] netfilter: nf_conntrack: fix RCU race in nf_conntrack_find_get, Andrey Wagin
- [PATCH] netfilter: nf_conntrack: fix RCU race in nf_conntrack_find_get (v2), Andrey Vagin
  - Re: [PATCH] netfilter: nf_conntrack: fix RCU race in nf_conntrack_find_get (v2), Eric Dumazet
    - [PATCH] netfilter: nf_conntrack: fix RCU race in nf_conntrack_find_get (v3), Andrey Vagin
      - Re: [PATCH] netfilter: nf_conntrack: fix RCU race in nf_conntrack_find_get (v3), Eric Dumazet
        
        Re: [PATCH] netfilter: nf_conntrack: fix RCU race in nf_conntrack_find_get (v3), Andrew Vagin
        
        Re: [PATCH] netfilter: nf_conntrack: fix RCU race in nf_conntrack_find_get (v3), Andrey Wagin
        
        Re: [PATCH] netfilter: nf_conntrack: fix RCU race in nf_conntrack_find_get (v3), Eric Dumazet
        
        [PATCH] [RFC] netfilter: nf_conntrack: don't relase a conntrack with non-zero refcnt, Andrey Vagin
        
        Re: [PATCH] [RFC] netfilter: nf_conntrack: don't relase a conntrack with non-zero refcnt, Cyrill Gorcunov
        
        Re: [PATCH] [RFC] netfilter: nf_conntrack: don't relase a conntrack with non-zero refcnt, Florian Westphal
        
        Re: [PATCH] [RFC] netfilter: nf_conntrack: don't relase a conntrack with non-zero refcnt, Andrew Vagin
        
        Re: [PATCH] [RFC] netfilter: nf_conntrack: don't relase a conntrack with non-zero refcnt, Florian Westphal
        
        Re: [PATCH] [RFC] netfilter: nf_conntrack: don't relase a conntrack with non-zero refcnt, Pablo Neira Ayuso
        
        Re: [PATCH] [RFC] netfilter: nf_conntrack: don't relase a conntrack with non-zero refcnt, Andrew Vagin
        
        Re: [PATCH] [RFC] netfilter: nf_conntrack: don't relase a conntrack with non-zero refcnt, Eric Dumazet
        
        Re: [PATCH] [RFC] netfilter: nf_conntrack: don't relase a conntrack with non-zero refcnt, Andrew Vagin
        
        Re: [PATCH] netfilter: nf_conntrack: fix RCU race in nf_conntrack_find_get (v3), Pablo Neira Ayuso
A conntrack, which is added via ctnetlink, can provoke a race condition, Andrey Wagin
- Re: A conntrack, which is added via ctnetlink, can provoke a race condition, Florian Westphal
  - Re: A conntrack, which is added via ctnetlink, can provoke a race condition, Pablo Neira Ayuso
[PATCH] netfilter: nftables: fix warning in nft_reject, Eric Leblond
- Re: [PATCH] netfilter: nftables: fix warning in nft_reject, Pablo Neira Ayuso
[PATCH nftables] netfilter: nft_reject: fix compilation warning if NF_TABLES_IPV6 is disabled, Pablo Neira Ayuso
ipset: hash_netnet4_data_equal typo commit status follow-up, David Gervais
- Re: ipset: hash_netnet4_data_equal typo commit status follow-up, Jozsef Kadlecsik
[RFC PATCH 00/12] nftables: generic protocol contexts, "inet" family support, Patrick McHardy
- [PATCH 01/12] expr: replace PAYLOAD_PROTOCOL_EXPR by generic flag, Patrick McHardy
- [PATCH 06/12] ct expr: protocol context updates and dynamic typing, Patrick McHardy
- [PATCH 02/12] nftables: generic procotol contexts, Patrick McHardy
- [PATCH 12/12] meta: add l4proto support, Patrick McHardy
- [PATCH 11/12] meta: add nfproto support, Patrick McHardy
- [PATCH 03/12] expr: add protocol context update callback, Patrick McHardy
- [PATCH 04/12] proto: add helper function to update protocol context, Patrick McHardy
- [PATCH 05/12] proto: add debugging for protocol context updates, Patrick McHardy
- [PATCH 10/12] proto: add support for meta templates, Patrick McHardy
- [PATCH 08/12] nftables: add support for the "inet" family, Patrick McHardy
- [PATCH 07/12] include: resync nftables.h with kernel, Patrick McHardy
- [PATCH 09/12] netlink_delinearize: remove implied meta expressions, Patrick McHardy
[PATCH nftables] Add support for the meta connmark key, Kristian Evensen
[PATCH libnftables] Add support for the connmark meta key, Kristian Evensen
[PATCH netfilter: nft] Add the connmark meta_key, Kristian Evensen
- Re: [PATCH netfilter: nft] Add the connmark meta_key, Patrick McHardy
- Re: [PATCH netfilter: nft] Add the connmark meta_key, Florian Westphal
  - Re: [PATCH netfilter: nft] Add the connmark meta_key, Patrick McHardy
    - Re: [PATCH netfilter: nft] Add the connmark meta_key, Kristian Evensen
      - Re: [PATCH netfilter: nft] Add the connmark meta_key, Patrick McHardy
        
        Re: [PATCH netfilter: nft] Add the connmark meta_key, Kristian Evensen
        
        Re: [PATCH netfilter: nft] Add the connmark meta_key, Patrick McHardy
        
        Re: [PATCH netfilter: nft] Add the connmark meta_key, Kristian Evensen
[PATCH net-next] netfilter: nfnetlink_queue: fix compilation problem due missing header, Pablo Neira Ayuso
- Re: [PATCH net-next] netfilter: nfnetlink_queue: fix compilation problem due missing header, Eric Dumazet
[PATCH] netfilter: nf_conntrack: release conntrack from rcu callback, Andrey Vagin
- Re: [PATCH] netfilter: nf_conntrack: release conntrack from rcu callback, Florian Westphal
  - Re: [PATCH] netfilter: nf_conntrack: release conntrack from rcu callback, Cyrill Gorcunov
    - Re: [PATCH] netfilter: nf_conntrack: release conntrack from rcu callback, Cyrill Gorcunov
    - Re: [PATCH] netfilter: nf_conntrack: release conntrack from rcu callback, Florian Westphal
      - Re: [PATCH] netfilter: nf_conntrack: release conntrack from rcu callback, Cyrill Gorcunov
  - Re: [PATCH] netfilter: nf_conntrack: release conntrack from rcu callback, Andrew Vagin
    - Re: [PATCH] netfilter: nf_conntrack: release conntrack from rcu callback, Florian Westphal
      - Re: [PATCH] netfilter: nf_conntrack: release conntrack from rcu callback, Andrey Wagin
[PATCH 00/13] nftables updates for net-next, Pablo Neira Ayuso
- [PATCH 05/13] netfilter: nf_tables: nft_meta module get/set ops, Pablo Neira Ayuso
- [PATCH 07/13] netfilter: select NFNETLINK when enabling NF_TABLES, Pablo Neira Ayuso
- [PATCH 13/13] netfilter: nf_tables: dump sets in all existing families, Pablo Neira Ayuso
- [PATCH 12/13] netfilter: nf_tables: remove unused variable in nf_tables_dump_set(), Pablo Neira Ayuso
- [PATCH 04/13] netfilter: nf_tables: Expose the table usage counter via netlink, Pablo Neira Ayuso
- [PATCH 01/13] netfilter: nf_tables: fix issue with verdict support, Pablo Neira Ayuso
- [PATCH 11/13] netfilter: nf_tables: fix type in parsing in nf_tables_set_alloc_name(), Pablo Neira Ayuso
- [PATCH 08/13] netfilter: REJECT: separate reusable code, Pablo Neira Ayuso
- [PATCH 10/13] netfilter: add help information to new nf_tables Kconfig options, Pablo Neira Ayuso
- [PATCH 09/13] netfilter: nft_reject: support for IPv6 and TCP reset, Pablo Neira Ayuso
- [PATCH 03/13] netfilter: nft: add queue module, Pablo Neira Ayuso
- [PATCH 06/13] netfilter: nf_tables: remove nft_meta_target, Pablo Neira Ayuso
- [PATCH 02/13] netfilter: xt_NFQUEUE: separate reusable code, Pablo Neira Ayuso
  - Re: [PATCH 02/13] netfilter: xt_NFQUEUE: separate reusable code, Florian Westphal
- Re: [PATCH 00/13] nftables updates for net-next, David Miller
[PATCH nftables] Add support for connmark target, Kristian Evensen
[PATCH libnftables] Add support for nft_connmark, Kristian Evensen
- Re: [PATCH libnftables] Add support for nft_connmark, Arturo Borrero Gonzalez
  - Re: [PATCH libnftables] Add support for nft_connmark, Kristian Evensen
[PATCH netfilter: nft] add connmark module, Kristian Evensen
- Re: [PATCH netfilter: nft] add connmark module, Pablo Neira Ayuso
  - Re: [PATCH netfilter: nft] add connmark module, Kristian Evensen
    - Re: [PATCH netfilter: nft] add connmark module, Pablo Neira Ayuso
      - Re: [PATCH netfilter: nft] add connmark module, Kristian Evensen
        
        Re: [PATCH netfilter: nft] add connmark module, Pablo Neira Ayuso
        
        Re: [PATCH netfilter: nft] add connmark module, Kristian Evensen
      - Re: [PATCH netfilter: nft] add connmark module, Kristian Evensen
        
        Re: [PATCH netfilter: nft] add connmark module, Kristian Evensen
[PATCH v6] iptables: add support for l2tp match, James Chapman
[PATCH v6] netfilter: introduce l2tp match extension, James Chapman
- Re: [PATCH v6] netfilter: introduce l2tp match extension, Pablo Neira Ayuso
  - Re: [PATCH v6] netfilter: introduce l2tp match extension, Pablo Neira Ayuso
[PATCH nf-next] netfilter: nf_log: use %s format string for buffer, Daniel Borkmann
- Re: [PATCH nf-next] netfilter: nf_log: use %s format string for buffer, Pablo Neira Ayuso
[PATCH nf] netfilter: nf_conntrack: fix skb_header_pointer API usages in DCCP, Daniel Borkmann
- Re: [PATCH nf] netfilter: nf_conntrack: fix skb_header_pointer API usages in DCCP, Pablo Neira Ayuso
[libnftables PATCH v2] src: new error reporting approach for XML/JSON parsers, Alvaro Neira
- Re: [libnftables PATCH v2] src: new error reporting approach for XML/JSON parsers, Pablo Neira Ayuso
  - Re: [libnftables PATCH v2] src: new error reporting approach for XML/JSON parsers, Arturo Borrero Gonzalez
    - Re: [libnftables PATCH v2] src: new error reporting approach for XML/JSON parsers, Pablo Neira Ayuso
[PATCH nft] src: set maximum length in constant sets, Pablo Neira Ayuso
[PATCH libnftables] set: support new maximum and number of elements attributes, Pablo Neira Ayuso
[PATCH 0/3 nftables RFC] set infrastructure updates, Pablo Neira Ayuso
- [PATCH 2/3] netfilter: nf_tables: limit maximum number of elements, Pablo Neira Ayuso
  - Re: [PATCH 2/3] netfilter: nf_tables: limit maximum number of elements, Patrick McHardy
    - Re: [PATCH 2/3] netfilter: nf_tables: limit maximum number of elements, Pablo Neira Ayuso
      - Re: [PATCH 2/3] netfilter: nf_tables: limit maximum number of elements, Pablo Neira Ayuso
      - Re: [PATCH 2/3] netfilter: nf_tables: limit maximum number of elements, Patrick McHardy
- [PATCH 3/3] netfilter: nft_hash: use set->maxelems to calculate number of buckets, Pablo Neira Ayuso
  - Re: [PATCH 3/3] netfilter: nft_hash: use set->maxelems to calculate number of buckets, Patrick McHardy
    - Re: [PATCH 3/3] netfilter: nft_hash: use set->maxelems to calculate number of buckets, Pablo Neira Ayuso
- [PATCH 1/3] netfilter: nf_tables: fix suboptimal set selection, Pablo Neira Ayuso
  - Re: [PATCH 1/3] netfilter: nf_tables: fix suboptimal set selection, Patrick McHardy
    - Re: [PATCH 1/3] netfilter: nf_tables: fix suboptimal set selection, Pablo Neira Ayuso
      - Re: [PATCH 1/3] netfilter: nf_tables: fix suboptimal set selection, Patrick McHardy
        
        Re: [PATCH 1/3] netfilter: nf_tables: fix suboptimal set selection, Pablo Neira Ayuso
        
        Re: [PATCH 1/3] netfilter: nf_tables: fix suboptimal set selection, Patrick McHardy
[PATCH] extensions: libxt_set: Add missing hyphen to --bytes-eq synopsis in manpage, Mart Frauenlob
- Re: [PATCH] extensions: libxt_set: Add missing hyphen to --bytes-eq synopsis in manpage, Florian Westphal
[net PATCH] netfilter: only warn once on wrong seqadj usage, Jesper Dangaard Brouer
- Re: [net PATCH] netfilter: only warn once on wrong seqadj usage, Patrick McHardy
  - Re: [net PATCH] netfilter: only warn once on wrong seqadj usage, Jesper Dangaard Brouer
- Re: [net PATCH] netfilter: only warn once on wrong seqadj usage, Pablo Neira Ayuso
[PATCH v5] iptables: add support for l2tp match, James Chapman
[PATCH v5] netfilter: introduce l2tp match extension, James Chapman
- Re: [PATCH v5] netfilter: introduce l2tp match extension, Florian Westphal
  - Re: [PATCH v5] netfilter: introduce l2tp match extension, James Chapman
- Re: [PATCH v5] netfilter: introduce l2tp match extension, Pablo Neira Ayuso
[libnftables PATCH v2] parsing: add interface to parse from file, Arturo Borrero Gonzalez
- Re: [libnftables PATCH v2] parsing: add interface to parse from file, Pablo Neira Ayuso
  - Re: [libnftables PATCH v2] parsing: add interface to parse from file, Arturo Borrero Gonzalez
    - Re: [libnftables PATCH v2] parsing: add interface to parse from file, Pablo Neira Ayuso
[RFC PATCH 0/6] netfilter: nf_tables: add mixed IPv4/IPv6 table support, Patrick McHardy
- [PATCH 1/6] netfilter: nf_tables: make chain types override the default AF functions, Patrick McHardy
- [PATCH 2/6] netfilter: nf_tables: add hook ops to struct nft_pktinfo, Patrick McHardy
- [PATCH 3/6] netfilter: nf_tables: add support for multi family tables, Patrick McHardy
- [PATCH 6/6] netfilter: nft_meta: add l4proto support, Patrick McHardy
- [PATCH 4/6] netfilter: nf_tables: add "inet" table for IPv4/IPv6, Patrick McHardy
- [PATCH 5/6] netfilter: nf_tables: add nfproto support to meta expression, Patrick McHardy
- Re: [RFC PATCH 0/6] netfilter: nf_tables: add mixed IPv4/IPv6 table support, Pablo Neira Ayuso
  - Re: [RFC PATCH 0/6] netfilter: nf_tables: add mixed IPv4/IPv6 table support, Patrick McHardy
- [PATCH 7/6] netfilter: nft_ct: load both IPv4 and IPv6 conntrack modules for NFPROTO_INET, Patrick McHardy
  - Re: [PATCH 7/6] netfilter: nft_ct: load both IPv4 and IPv6 conntrack modules for NFPROTO_INET, Pablo Neira Ayuso
- Re: [RFC PATCH 0/6] netfilter: nf_tables: add mixed IPv4/IPv6 table support, Pablo Neira Ayuso
How to get pid of packet sender from NFQUEUE?, Mehran Kholdi
- Re: How to get pid of packet sender from NFQUEUE?, Eric Leblond
- Re: How to get pid of packet sender from NFQUEUE?, Mehran Kholdi
How to test netfilter SYNPROXY target properly?, Vincent Li
- Re: How to test netfilter SYNPROXY target properly?, Patrick McHardy
  - Re: How to test netfilter SYNPROXY target properly?, Vincent Li
  - Re: How to test netfilter SYNPROXY target properly?, Phil Oester
[libnftables PATCH] parsing: add interface to parse from file, Arturo Borrero Gonzalez
- Re: [libnftables PATCH] parsing: add interface to parse from file, Pablo Neira Ayuso
  - Re: [libnftables PATCH] parsing: add interface to parse from file, Arturo Borrero Gonzalez
    - Re: [libnftables PATCH] parsing: add interface to parse from file, Pablo Neira Ayuso
[libnftables PATCH] tests: add table 'use' attr to testfiles, Arturo Borrero Gonzalez
- Re: [libnftables PATCH] tests: add table 'use' attr to testfiles, Pablo Neira Ayuso
[PATCH 0/2] ct_set: port CT target to nftables, Eric Leblond
- [PATCH 1/2] netfilter: CT: factorize reusable code, Eric Leblond
- [PATCH 2/2] netfilter: nftables: introduce ct_set module, Eric Leblond
  - Re: [PATCH 2/2] netfilter: nftables: introduce ct_set module, Pablo Neira Ayuso
- [libnftables PATCH] expr: add ct_set expression, Eric Leblond
  - Re: [libnftables PATCH] expr: add ct_set expression, Arturo Borrero Gonzalez
    - Re: [libnftables PATCH] expr: add ct_set expression, Eric Leblond
      - Re: [libnftables PATCH] expr: add ct_set expression, Arturo Borrero Gonzalez
[PATCH] netfilter: CT: improve error treatment, Eric Leblond
- Re: [PATCH] netfilter: CT: improve error treatment, Pablo Neira Ayuso
[PATCH RESEND] netfilter: remove unused variable, Michal Nazarewicz
- Re: [PATCH RESEND] netfilter: remove unused variable, Pablo Neira Ayuso
  - Re: [PATCH RESEND] netfilter: remove unused variable, Michal Nazarewicz
[nft PATCH] src: add support for listing the entire ruleset, Arturo Borrero Gonzalez
- Re: [nft PATCH] src: add support for listing the entire ruleset, Pablo Neira Ayuso
[PATCH nf] netfilter: nf_nat: fix buffer overflow in IRC NAT helper, Daniel Borkmann
- Re: [PATCH nf] netfilter: nf_nat: fix buffer overflow in IRC NAT helper, Pablo Neira Ayuso
  - Re: [PATCH nf] netfilter: nf_nat: fix buffer overflow in IRC NAT helper, Pablo Neira Ayuso
    - Re: [PATCH nf] netfilter: nf_nat: fix buffer overflow in IRC NAT helper, Daniel Borkmann
  - Re: [PATCH nf] netfilter: nf_nat: fix buffer overflow in IRC NAT helper, Hannes Frederic Sowa
- Re: [PATCH nf] netfilter: nf_nat: fix buffer overflow in IRC NAT helper, Pablo Neira Ayuso
  - Re: [PATCH nf] netfilter: nf_nat: fix buffer overflow in IRC NAT helper, Daniel Borkmann
[PATCH nf-next] netfilter: fix type in parsing in nf_tables_set_alloc_name, Daniel Borkmann
- Re: [PATCH nf-next] netfilter: fix type in parsing in nf_tables_set_alloc_name, Pablo Neira Ayuso
[libnftables PATCH 1/2] src: rename the parameter tag to node_name in jansson function, Alvaro Neira
- [libnftables PATCH 2/2] src: new error reporting approach for XML/JSON parsers, Alvaro Neira
  - Re: [libnftables PATCH 2/2] src: new error reporting approach for XML/JSON parsers, Pablo Neira Ayuso
- Re: [libnftables PATCH 1/2] src: rename the parameter tag to node_name in jansson function, Arturo Borrero Gonzalez
- Re: [libnftables PATCH 1/2] src: rename the parameter tag to node_name in jansson function, Pablo Neira Ayuso
[PATCH net-next] netfilter: remove dead code, Stephen Hemminger
- Re: [PATCH net-next] netfilter: remove dead code, Pablo Neira Ayuso
[PATCH net-next] ipset: remove unused code, Stephen Hemminger
- Re: [PATCH net-next] ipset: remove unused code, Pablo Neira Ayuso
[PATCH nf-next] netfilter: add help information to new nf_tables Kconfig options, Pablo Neira Ayuso
- Re: [PATCH nf-next] netfilter: add help information to new nf_tables Kconfig options, Eric Leblond
[PATCH] netfilter: Remove some backward-compat Kconfig symbols, Ben Hutchings
- Re: [PATCH] netfilter: Remove some backward-compat Kconfig symbols, Pablo Neira Ayuso
Re: ULOGD2 with MYSQL, Sassy Natan
- Re: ULOGD2 with MYSQL, Eric Leblond
  - Message not available
    - Message not available
      - Message not available
        
        Fwd: ULOGD2 with MYSQL, Sassy Natan
        
        Re: Fwd: ULOGD2 with MYSQL, Eric Leblond
[PATCH nf-next v5 0/3] xtables socket classid matching, Daniel Borkmann
- [PATCH nf-next v5 2/3] net: netprio: rename config to be more consistent with cgroup configs, Daniel Borkmann
- [PATCH nf-next v5 3/3] netfilter: xtables: lightweight process control group matching, Daniel Borkmann
- [PATCH nf-next v5 1/3] net: net_cls: move cgroupfs classid handling into core, Daniel Borkmann
- Re: [PATCH nf-next v5 0/3] xtables socket classid matching, Li Zefan
  - Re: [PATCH nf-next v5 0/3] xtables socket classid matching, Pablo Neira Ayuso
    - Re: [PATCH nf-next v5 0/3] xtables socket classid matching, Daniel Borkmann
      - Re: [PATCH nf-next v5 0/3] xtables socket classid matching, Pablo Neira Ayuso
        
        Re: [PATCH nf-next v5 0/3] xtables socket classid matching, Daniel Borkmann
- Re: [PATCH nf-next v5 0/3] xtables socket classid matching, Pablo Neira Ayuso
  - Re: [PATCH nf-next v5 0/3] xtables socket classid matching, Daniel Borkmann
  - Re: [PATCH nf-next v5 0/3] xtables socket classid matching, David Miller
[PATCH nf-next v4 0/3] xtables socket classid matching, Daniel Borkmann
- [PATCH nf-next v4 2/3] net: netprio: rename config to be more consistent with cgroup configs, Daniel Borkmann
- [PATCH nf-next v4 3/3] netfilter: xtables: lightweight process control group matching, Daniel Borkmann
- [PATCH nf-next v4 1/3] net: net_cls: move cgroupfs classid handling into core, Daniel Borkmann
[PATCH 0/2] nftables: minor Kconfig fixes, Eric Leblond
- [PATCH 1/2] netfilter: nft: select NFNETLINK, Eric Leblond
  - Re: [PATCH 1/2] netfilter: nft: select NFNETLINK, Pablo Neira Ayuso
- [PATCH 2/2] netfilter: nft: explicit dependency to IPv6, Eric Leblond
  - Re: [PATCH 2/2] netfilter: nft: explicit dependency to IPv6, Pablo Neira Ayuso
[PATCH 0/8] Netfilter/IPVS fixes for net, Pablo Neira Ayuso
- [PATCH 5/8] ipvs: correct usage/allocation of seqadj ext in ipvs, Pablo Neira Ayuso
- [PATCH 8/8] netfilter: nf_tables: fix wrong datatype in nft_validate_data_load(), Pablo Neira Ayuso
- [PATCH 6/8] netfilter: nf_tables: fix dumping with large number of sets, Pablo Neira Ayuso
- [PATCH 7/8] netfilter: nf_tables: fix oops when updating table with user chains, Pablo Neira Ayuso
- [PATCH 2/8] netfilter: nft_exthdr: call ipv6_find_hdr() with explicitly initialized offset, Pablo Neira Ayuso
- [PATCH 4/8] netfilter: WARN about wrong usage of sequence number adjustments, Pablo Neira Ayuso
- [PATCH 1/8] netfilter: nfnetlink_log: unset nf_loggers for netns when unloading module, Pablo Neira Ayuso
- [PATCH 3/8] netfilter: nf_ct_timestamp: Fix BUG_ON after netns deletion, Pablo Neira Ayuso
- Re: [PATCH 0/8] Netfilter/IPVS fixes for net, David Miller
- <Possible follow-ups>
- [PATCH 0/8] Netfilter/IPVS fixes for net, Pablo Neira Ayuso
  - [PATCH 0/8] Netfilter/IPVS fixes for net, Pablo Neira Ayuso
  - [PATCH 6/8] netfilter: nft_compat: use the match->table to validate dependencies, Pablo Neira Ayuso
  - [PATCH 7/8] netfilter: nf_tables: restore synchronous object release from commit/abort, Pablo Neira Ayuso
  - [PATCH 3/8] ipvs: Keep skb->sk when allocating headroom on tunnel xmit, Pablo Neira Ayuso
  - [PATCH 8/8] netfilter: conntrack: fix race in __nf_conntrack_confirm against get_next_corpse, Pablo Neira Ayuso
  - [PATCH 5/8] netfilter: nft_compat: relax chain type validation, Pablo Neira Ayuso
  - [PATCH 4/8] netfilter: nft_compat: use current net namespace, Pablo Neira Ayuso
  - [PATCH 2/8] netfilter: ipset: small potential read beyond the end of buffer, Pablo Neira Ayuso
  - [PATCH 1/8] netfilter: nft_masq: fix uninitialized range in nft_masq_{ipv4, ipv6}_eval, Pablo Neira Ayuso
  - Re: [PATCH 0/8] Netfilter/IPVS fixes for net, David Miller
[PATCH] netfilter: nf_tables: remove nft_meta_target, Pablo Neira Ayuso
[PATCH 1/2 nft] mnl: print netlink message if if --debug=netlink in mnl_talk(), Pablo Neira Ayuso
- [PATCH 2/2 nft] netlink: fix dictionary feature, Pablo Neira Ayuso
[PATCH] netfilter: nf_tables: fix wrong datatype in nft_validate_data_load(), Pablo Neira Ayuso
[PATCH net-next] netfilter: xtables make functions local, Stephen Hemminger
- Re: [PATCH net-next] netfilter: xtables make functions local, David Miller
  - Re: [PATCH net-next] netfilter: xtables make functions local, Jan Engelhardt
    - Re: [PATCH net-next] netfilter: xtables make functions local, Pablo Neira Ayuso
- Re: [PATCH net-next] netfilter: xtables make functions local, Pablo Neira Ayuso
nf_tables_api.c:nf_tables_update cause oops, Alex Wei
- Re: nf_tables_api.c:nf_tables_update cause oops, Pablo Neira Ayuso
- <Possible follow-ups>
- nf_tables_api.c:nf_tables_update cause oops, Alex Wei
[GIT PULL nf-next] IPVS Updates for v3.14, Simon Horman
- [PATCH nf-next] ipvs: Remove unused variable ret from sync_thread_master(), Simon Horman
- Re: [GIT PULL nf-next] IPVS Updates for v3.14, Pablo Neira Ayuso
[GIT PULL nf 0/2] IPVS Fixes for v3.13, Simon Horman
- [PATCH nf 2/2] ipvs: correct usage/allocation of seqadj ext in ipvs, Simon Horman
- [PATCH nf 1/2] netfilter: WARN about wrong usage of sequence number adjustments, Simon Horman
- Re: [GIT PULL nf 0/2] IPVS Fixes for v3.13, Pablo Neira Ayuso
[PATCH nft] netlink: add support to set meta keys, Pablo Neira Ayuso
[libnftables PATCH v3] src: update meta expr, Arturo Borrero Gonzalez
- Re: [libnftables PATCH v3] src: update meta expr, Pablo Neira Ayuso
[PATCH nf-next] netfilter: nf_tables: dump sets in all existing families, Pablo Neira Ayuso
[nft kernel PATCH v3] netfilter: nf_tables: nft_meta module get/set ops, Arturo Borrero Gonzalez
- Re: [nft kernel PATCH v3] netfilter: nf_tables: nft_meta module get/set ops, Pablo Neira Ayuso
[PATCH nf] netfilter: nf_tables: fix dumping with large number of sets, Pablo Neira Ayuso
[xtables-addons-1.47.1] compilation failed - compat_xtables.c:633: error: too few arguments to function ipv6_find_hdr, remoteshaman.com
- Re: [xtables-addons-1.47.1] compilation failed - compat_xtables.c:633: error: too few arguments to function ipv6_find_hdr, Jan Engelhardt
[nft PATCH] files: replace interpreter during installation, Arturo Borrero Gonzalez
- <Possible follow-ups>
- [nft PATCH] files: replace interpreter during installation, Arturo Borrero Gonzalez
  - Re: [nft PATCH] files: replace interpreter during installation, Patrick McHardy
    - Re: [nft PATCH] files: replace interpreter during installation, Arturo Borrero Gonzalez
      - Re: [nft PATCH] files: replace interpreter during installation, Patrick McHardy
        
        Re: [nft PATCH] files: replace interpreter during installation, Arturo Borrero Gonzalez
        
        Re: [nft PATCH] files: replace interpreter during installation, Patrick McHardy
        
        Re: [nft PATCH] files: replace interpreter during installation, Alex Elsayed
  - Re: [nft PATCH] files: replace interpreter during installation, Sam Liddicott
    - Re: [nft PATCH] files: replace interpreter during installation, Patrick McHardy
      - Re: [nft PATCH] files: replace interpreter during installation, Arturo Borrero Gonzalez
        
        Re: [nft PATCH] files: replace interpreter during installation, Patrick McHardy
[PATCH iptables-nftables v3] iptables: add libxt_cgroup frontend, Daniel Borkmann
[PATCH nf-next v3] netfilter: xtables: lightweight process control group matching, Daniel Borkmann
- Re: [PATCH nf-next v3] netfilter: xtables: lightweight process control group matching, Li Zefan
  - Re: [PATCH nf-next v3] netfilter: xtables: lightweight process control group matching, Daniel Borkmann
    - Re: [PATCH nf-next v3] netfilter: xtables: lightweight process control group matching, Li Zefan
      - Re: [PATCH nf-next v3] netfilter: xtables: lightweight process control group matching, Daniel Borkmann
        
        Re: [PATCH nf-next v3] netfilter: xtables: lightweight process control group matching, Daniel Borkmann
        
        Re: [PATCH nf-next v3] netfilter: xtables: lightweight process control group matching, Li Zefan
        
        Re: [PATCH nf-next v3] netfilter: xtables: lightweight process control group matching, Li Zefan
        
        Re: [PATCH nf-next v3] netfilter: xtables: lightweight process control group matching, Daniel Borkmann
        
        Re: [PATCH nf-next v3] netfilter: xtables: lightweight process control group matching, Daniel Borkmann
[libnftables PATCH v2] examples: add nft-ruleset-get, Arturo Borrero Gonzalez
- Re: [libnftables PATCH v2] examples: add nft-ruleset-get, Pablo Neira Ayuso
  - Re: [libnftables PATCH v2] examples: add nft-ruleset-get, Arturo Borrero Gonzalez
    - Re: [libnftables PATCH v2] examples: add nft-ruleset-get, Pablo Neira Ayuso
      - Re: [libnftables PATCH v2] examples: add nft-ruleset-get, Arturo Borrero Gonzalez
[libnftables PATCH] build: properly handle --without-{xml,json}-parsing, Douglas Freed
- Re: [libnftables PATCH] build: properly handle --without-{xml,json}-parsing, Pablo Neira Ayuso
- Re: [libnftables PATCH] build: properly handle --without-{xml,json}-parsing, Arturo Borrero Gonzalez
[resend patch net-next v3 0/7] fix checkpatch errors, Chen Weilong
- [resend patch net-next v3 1/7] ipv4: do clean up with spaces, Chen Weilong
- [resend patch net-next v3 3/7] ipv4: fix checkpatch error with foo * bar, Chen Weilong
- [resend patch net-next v3 2/7] ipv4: fix checkpatch error "space prohibited", Chen Weilong
- [resend patch net-next v3 7/7] ipv4: ipv4: Cleanup the comments in tcp_yeah.c, Chen Weilong
- [resend patch net-next v3 6/7] ipv4: ERROR: code indent should use tabs where possible, Chen Weilong
- [resend patch net-next v3 5/7] ipv4: ERROR: do not initialise globals to 0 or NULL, Chen Weilong
- [resend patch net-next v3 4/7] ipv4: fix all space errors in file igmp.c, Chen Weilong
IPV6: kernel panic in net filter and ipv6 path while doing interface up and down continuously with ipv6 traffic, Sasikanth babu
- Re: IPV6: kernel panic in net filter and ipv6 path while doing interface up and down continuously with ipv6 traffic, Shawn Wilson
  - Re: IPV6: kernel panic in net filter and ipv6 path while doing interface up and down continuously with ipv6 traffic, Sasikanth babu
    - Re: IPV6: kernel panic in net filter and ipv6 path while doing interface up and down continuously with ipv6 traffic, Sasikanth babu
[patch net-next v3 0/7] fix checkpatch errors, Chen Weilong
- [patch net-next v3 1/7] ipv4: do clean up with spaces, Chen Weilong
- [patch net-next v3 7/7] ipv4: ipv4: Cleanup the comments in tcp_yeah.c, Chen Weilong
- [patch net-next v3 5/7] ipv4: ERROR: do not initialise globals to 0 or NULL, Chen Weilong
- [patch net-next v3 4/7] ipv4: fix all space errors in file igmp.c, Chen Weilong
- [patch net-next v3 3/7] ipv4: fix checkpatch error with foo * bar, Chen Weilong
- [patch net-next v3 6/7] ipv4: ERROR: code indent should use tabs where possible, Chen Weilong
- Re: [patch net-next v3 0/7] fix checkpatch errors, chenweilong
iptc_handle : where is header and structure info for iptc_handle ?, hanasaki@xxxxxxxxx
- Re: iptc_handle : where is header and structure info for iptc_handle ?, Florian Westphal
[PATCH v4 0/2] Add UID/GID info to NFQUEUE, valentina . giusti
- [PATCH v4 1/2] netfilter_queue: enable UID/GID socket info retrieval, valentina . giusti
  - Re: [PATCH v4 1/2] netfilter_queue: enable UID/GID socket info retrieval, Pablo Neira Ayuso
    - Re: [PATCH v4 1/2] netfilter_queue: enable UID/GID socket info retrieval, Valentina Giusti
- [PATCH v4 2/2] libnetfilter_queue: add support for UID/GID socket info, valentina . giusti
  - Re: [PATCH v4 2/2] libnetfilter_queue: add support for UID/GID socket info, Pablo Neira Ayuso
    - [PATCH 0/2] libnetfilter_queue: add support for UID/GID socket info, valentina . giusti
      - [PATCH 2/2] utils: add test for nfq_get_uid and nfq_get_gid, valentina . giusti
        
        Re: [PATCH 2/2] utils: add test for nfq_get_uid and nfq_get_gid, Pablo Neira Ayuso
        
        Re: [PATCH 2/2] utils: add test for nfq_get_uid and nfq_get_gid, Valentina Giusti
      - [PATCH 1/2] src: add support for UID/GID socket info, valentina . giusti
        
        Re: [PATCH 1/2] src: add support for UID/GID socket info, Pablo Neira Ayuso
  - Re: [PATCH v4 2/2] libnetfilter_queue: add support for UID/GID socket info, Pablo Neira Ayuso
[PATCH] nf_conntrack_timestamp: Fix BUG_ON after netns deletion, Helmut Schaa
- Re: [PATCH] nf_conntrack_timestamp: Fix BUG_ON after netns deletion, Pablo Neira Ayuso
[PATCH v3 0/2] Add UID/GID info to NFQUEUE, valentina . giusti
- [PATCH v3 2/2] libnetfilter_queue: add support for UID/GID socket info, valentina . giusti
- [PATCH v3 1/2] netfilter_queue: enable UID/GID socket info retrieval, valentina . giusti
  - Re: [PATCH v3 1/2] netfilter_queue: enable UID/GID socket info retrieval, Florian Westphal
    - Re: [PATCH v3 1/2] netfilter_queue: enable UID/GID socket info retrieval, Valentina Giusti
      - Re: [PATCH v3 1/2] netfilter_queue: enable UID/GID socket info retrieval, Florian Westphal
        
        Re: [PATCH v3 1/2] netfilter_queue: enable UID/GID socket info retrieval, Valentina Giusti
[patch net-next 0/7] fix checkpatch errors, Chen Weilong
- [patch net-next 5/7] ipv4: ERROR: do not initialise globals to 0 or NULL, Chen Weilong
- [patch net-next 6/7] ipv4: ERROR: code indent should use tabs where possible, Chen Weilong
  - Re: [patch net-next 6/7] ipv4: ERROR: code indent should use tabs where possible, Ben Hutchings
    - Re: [patch net-next 6/7] ipv4: ERROR: code indent should use tabs where possible, chenweilong
- [patch net-next 1/7] ipv4: do clean up with spaces, Chen Weilong
- [patch net-next 3/7] ipv4: fix checkpatch error with foo * bar, Chen Weilong
- [patch net-next 4/7] ipv4: fix all space errors in file igmp.c, Chen Weilong
- [patch net-next 7/7] ipv4: ERROR: do not use C99 // comments, Chen Weilong
[PATCH net] net: nft: call ipv6_find_hdr() with explicitly initialized offset, Daniel Borkmann
- Re: [PATCH net] net: nft: call ipv6_find_hdr() with explicitly initialized offset, Pablo Neira Ayuso
[PATCH next 1/2] net: netfilter: avoid get_random_bytes calls, Florian Westphal
- [PATCH next 2/2] netfilter: ctnetlink: honor CTA_MARK_MASK when setting ctmark, Florian Westphal
  - Re: [PATCH next 2/2] netfilter: ctnetlink: honor CTA_MARK_MASK when setting ctmark, Pablo Neira Ayuso
- Re: [PATCH next 1/2] net: netfilter: avoid get_random_bytes calls, Pablo Neira Ayuso
[PATCH] nf-nat: don't use per destination incrementing ports in nat random mode, Hannes Frederic Sowa
- Re: [PATCH] nf-nat: don't use per destination incrementing ports in nat random mode, Daniel Borkmann
  - [PATCH next v2] nf-nat: don't use per destination incrementing ports in nat random mode, Hannes Frederic Sowa
    - Re: [PATCH next v2] nf-nat: don't use per destination incrementing ports in nat random mode, Pablo Neira Ayuso
      - [PATCH v2 -next] netfilter: don't use per-destination incrementing ports in nat random mode, Hannes Frederic Sowa
        
        Re: [PATCH v2 -next] netfilter: don't use per-destination incrementing ports in nat random mode, Pablo Neira Ayuso
        
        Re: [PATCH v2 -next] netfilter: don't use per-destination incrementing ports in nat random mode, Hannes Frederic Sowa
        
        Re: [PATCH v2 -next] netfilter: don't use per-destination incrementing ports in nat random mode, Pablo Neira Ayuso
        
        Re: [PATCH v2 -next] netfilter: don't use per-destination incrementing ports in nat random mode, Daniel Borkmann
        
        [PATCH iptables] iptables: snat: add randomize-full support, Hannes Frederic Sowa
        
        Re: [PATCH iptables] iptables: snat: add randomize-full support, Pablo Neira Ayuso
        
        Re: [PATCH v2 -next] netfilter: don't use per-destination incrementing ports in nat random mode, Pablo Neira Ayuso
        
        Re: [PATCH v2 -next] netfilter: don't use per-destination incrementing ports in nat random mode, Daniel Borkmann
[PATCH v2 0/2] Add UID/GID info to NFQUEUE, valentina . giusti
- [PATCH v2 2/2] libnetfilter_queue: add support for UID/GID socket info, valentina . giusti
- [PATCH v2 1/2] netfilter_queue: enable UID/GID socket info retrieval, valentina . giusti
  - Re: [PATCH v2 1/2] netfilter_queue: enable UID/GID socket info retrieval, Florian Westphal
  - Re: [PATCH v2 1/2] netfilter_queue: enable UID/GID socket info retrieval, Pablo Neira Ayuso
    - Re: [PATCH v2 1/2] netfilter_queue: enable UID/GID socket info retrieval, Pablo Neira Ayuso
      - Re: [PATCH v2 1/2] netfilter_queue: enable UID/GID socket info retrieval, Valentina Giusti
      - Re: [PATCH v2 1/2] netfilter_queue: enable UID/GID socket info retrieval, Valentina Giusti
        
        Re: [PATCH v2 1/2] netfilter_queue: enable UID/GID socket info retrieval, Florian Westphal
[PATCH 0/2] Add UID/GID info to NFQUEUE, valentina . giusti
- [PATCH 1/2] netfilter_queue: enable UID/GID socket info retrieval, valentina . giusti
  - Re: [PATCH 1/2] netfilter_queue: enable UID/GID socket info retrieval, Florian Westphal
    - Re: [PATCH 1/2] netfilter_queue: enable UID/GID socket info retrieval, Valentina Giusti
- [PATCH 2/2] libnetfilter_queue: add support for UID/GID socket info, valentina . giusti
- Re: [PATCH 0/2] Add UID/GID info to NFQUEUE, JP Abgrall
xt_sslpin experimental match module for SSL/TLS pinning, Fredburger
- Re: xt_sslpin experimental match module for SSL/TLS pinning, Arturo Borrero Gonzalez
[PATCHv2 iptables] iptables: Add IPv4/6 IPcomp match support, Fan Du
- Re: [PATCHv2 iptables] iptables: Add IPv4/6 IPcomp match support, Pablo Neira Ayuso
[PATCHv2 net-next] netfilter: add IPv4/6 IPComp extension match support, Fan Du
- Re: [PATCHv2 net-next] netfilter: add IPv4/6 IPComp extension match support, Pablo Neira Ayuso
[PATCH 0/1] add hash:ip,mark data type to ipset, Vytas Dauksa
- [PATCH 1/1] add markmask for hash:ip,mark data type, Vytas Dauksa
  - Re: [PATCH 1/1] add markmask for hash:ip,mark data type, Jozsef Kadlecsik
    - Re: [PATCH 1/1] add markmask for hash:ip,mark data type, Vytas Dauksa
      - Re: [PATCH 1/1] add markmask for hash:ip,mark data type, Jozsef Kadlecsik
        
        Re: [PATCH 1/1] add markmask for hash:ip,mark data type, Vytas Dauksa
        
        Re: [PATCH 1/1] add markmask for hash:ip,mark data type, Jozsef Kadlecsik
- Re: [PATCH 0/1] add hash:ip,mark data type to ipset, Jozsef Kadlecsik
[libnftables PATCH v2] src: update meta expr, Arturo Borrero Gonzalez
[net PATCH 0/2] Fixing OOPSes in seqadj code, Jesper Dangaard Brouer
- [net PATCH 1/2] netfilter: WARN about wrong usage of sequence number adjustments, Jesper Dangaard Brouer
- [net PATCH 2/2] ipvs: correct usage/allocation of seqadj ext in ipvs, Jesper Dangaard Brouer
- Re: [net PATCH 0/2] Fixing OOPSes in seqadj code, Julian Anastasov
  - Re: [net PATCH 0/2] Fixing OOPSes in seqadj code, Simon Horman
    - Re: [net PATCH 0/2] Fixing OOPSes in seqadj code, Simon Horman
[nftables kernel PATCH v3] netfilter: nf_tables: nft_meta module get/set ops, Arturo Borrero Gonzalez
- Re: [nftables kernel PATCH v3] netfilter: nf_tables: nft_meta module get/set ops, Pablo Neira Ayuso
[PATCH] nfnetlink_log: unset nf_loggers for net namespace when unload nfnetlink_log, Gao feng
- Re: [PATCH] nfnetlink_log: unset nf_loggers for net namespace when unload nfnetlink_log, Pablo Neira Ayuso
iptc_handle : finding header and structure info, hanasaki@xxxxxxxxx
[PATCH RFC nf_conntrack_tcp] Export ip_ct_tcp_state variables to userspace, Kristian Evensen
- Re: [PATCH RFC nf_conntrack_tcp] Export ip_ct_tcp_state variables to userspace, Pablo Neira Ayuso
  - Re: [PATCH RFC nf_conntrack_tcp] Export ip_ct_tcp_state variables to userspace, Kristian Evensen
    - Re: [PATCH RFC nf_conntrack_tcp] Export ip_ct_tcp_state variables to userspace, Pablo Neira Ayuso
      - Re: [PATCH RFC nf_conntrack_tcp] Export ip_ct_tcp_state variables to userspace, Kristian Evensen
[PATCH -stable-3.12] netfilter: fix wrong byte order in nf_ct_seqadj_set internal information, Pablo Neira Ayuso
[PATCH 0/2] iptables: IPv4/v6 IPcomp match support, Fan Du
- [PATCH 1/2] iptables: Add IPv4 IPcomp match support, Fan Du
- [PATCH 2/2] iptables: Add IPv6 IPcomp match support, Fan Du
[PATCH net-next 0/2] netfilter: IPv4/v6 IPcomp match support, Fan Du
- [PATCH 1/2] netfilter: add IPv4 IPComp extension match support, Fan Du
- [PATCH 2/2] netfilter: add IPv6 IPComp extension match support, Fan Du
- Re: [PATCH net-next 0/2] netfilter: IPv4/v6 IPcomp match support, Pablo Neira Ayuso
  - Re: [PATCH net-next 0/2] netfilter: IPv4/v6 IPcomp match support, Fan Du
    - Re: [PATCH net-next 0/2] netfilter: IPv4/v6 IPcomp match support, Pablo Neira Ayuso
      - Re: [PATCH net-next 0/2] netfilter: IPv4/v6 IPcomp match support, Fan Du
        
        Re: [PATCH net-next 0/2] netfilter: IPv4/v6 IPcomp match support, Pablo Neira Ayuso
        
        Re: [PATCH net-next 0/2] netfilter: IPv4/v6 IPcomp match support, Fan Du
        
        Re: [PATCH net-next 0/2] netfilter: IPv4/v6 IPcomp match support, Pablo Neira Ayuso
[iptables-nftables PATCH] include: Update nftables API header in sync with kernel's one, Tomasz Bursztyka
- Re: [iptables-nftables PATCH] include: Update nftables API header in sync with kernel's one, Pablo Neira Ayuso
[PATCH] netfilter: Kill unreplied conntracks by ICMP errors, Changli Gao
- Re: [PATCH] netfilter: Kill unreplied conntracks by ICMP errors, Oliver

[Index of Archives] [LARTC] [Berkeley Packet Filter] [Bugtraq] [Yosemite Discussion]